لطفا منتظر باشید ...
Chapter 4. Security and Identity Management
In recent
years, the increased accessibility of corporate data and business
information via the Internet has been accompanied by corresponding
security threats. Every system is vulnerable to hackers. Some of
these hackers are criminals; some are pranksters. Either way, they
can wreak havoc with corporate software and data.Careful security planning and implementation is a key part of systems
management. You need to control access to your corporate applications
and protect both applications and their underlying data from harm
caused by both malicious outsiders and careless insiders. Securing
the Oracle Application Server environment is a multipronged effort,
requiring that you consider security in all parts of your overall
Oracle component infrastructure: the Oracle Application Server, the
database, and any E-Business Suite applications deployed in your
environment. In implementing a secure solution, you also need to take
non-Oracle components into account. For example, you should analyze
the security of your web browsers, assess underlying operating system
vulnerabilities, determine whether your configuration requires a
firewall, and investigate the need for virtual private networks
(VPNs).This chapter focuses on how to implement Oracle Application Server as
part of a secure infrastructure. We describe components of the Oracle
Application Server security framework that provide both the security
and the identity management needed for centralized user management
and support for complex password management policies. We conclude the
chapter by briefly describing approaches and architectures for secure
deployment.
